From: Mathias Krause Date: Mon, 30 Sep 2013 20:05:40 +0000 (+0200) Subject: unix_diag: fix info leak X-Git-Tag: firefly_0821_release~6453^2~448 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=39283085a92262f9446b95d36df9724902b7579a;p=firefly-linux-kernel-4.4.55.git unix_diag: fix info leak [ Upstream commit 6865d1e834be84ddd5808d93d5035b492346c64a ] When filling the netlink message we miss to wipe the pad field, therefore leak one byte of heap memory to userland. Fix this by setting pad to 0. Signed-off-by: Mathias Krause Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- diff --git a/net/unix/diag.c b/net/unix/diag.c index d591091603bf..86fa0f3b2caf 100644 --- a/net/unix/diag.c +++ b/net/unix/diag.c @@ -124,6 +124,7 @@ static int sk_diag_fill(struct sock *sk, struct sk_buff *skb, struct unix_diag_r rep->udiag_family = AF_UNIX; rep->udiag_type = sk->sk_type; rep->udiag_state = sk->sk_state; + rep->pad = 0; rep->udiag_ino = sk_ino; sock_diag_save_cookie(sk, rep->udiag_cookie);